This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.
The remote host is affected by multiple command injection
The remote host is running a version of Palo Alto Networks PAN-OS
prior to 3.1.10 / 4.0.5. It is, therefore, affected by multiple
command injection vulnerabilities :
- A vulnerability exists that allows an authenticated user
to inject arbitrary shell commands via the CLI.
(CVE-2012-6591 / PAN-SA-2012-0002)
- A vulnerability exists that allows an unauthenticated
user to inject commands as root on the device.
(CVE-2012-6592 / PAN-SA-2012-0003)
See also :
Upgrade to PAN-OS version 3.1.10 / 4.0.5 or later.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 7.4
Public Exploit Available : false